Full Disclosure mailing list archives
RE: New Microsoft Internet Explorer mshtml.dll Denial of Service?
From: "Steve Wray" <steve.wray () paradise net nz>
Date: Wed, 3 Sep 2003 08:16:21 +1200
So why is it that visiting the page directly from MSIE from html like this; <html> <head> </head> <body> <a href="http://www.galad.com/extras/cg/cg.htm">crash</a> </body> </html> I get no crash? But clicking through from outlook I do? Ie; clicking from outlook = crash clicking from IE = no crash clicking from outlook afterward = crash
-----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of Tiago Halm Sent: Wednesday, 3 September 2003 4:37 a.m. To: 'Pellmann Paul'; full-disclosure () lists netsys com Subject: RE: [Full-disclosure] New Microsoft Internet Explorer mshtml.dll Denial of Service? Paul has a point here, I believe! After a **lot** of html code "trimming" I came with an offline version of the page like this: ------------------------------------------------------ <html> <body> <table border="0" cellspacing="0" cellpadding="0"> <tr> <td><img src="http://www.galad.com/frame/e1x1.gif" width="1" height="1" alt=""></td> </tr> </table> </body> </html> ------------------------------------------------------- and this piece of code does crash my browser (6.0.2800.1106) on windows 2000 server all patches and fixes up to date. NOTE: Every time you **want** the browser to crash, you must delete it from the "Temporary Internet Files" before loading it in your browser.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- AW: New Microsoft Internet Explorer mshtml.dll Denial of Service? Pellmann Paul (Sep 02)
- RE: New Microsoft Internet Explorer mshtml.dll Denial of Service? Tiago Halm (Sep 02)
- Re: New Microsoft Internet Explorer mshtml.dll Denial of Service? Tim (Sep 02)
- Re: New Microsoft Internet Explorer mshtml.dll Denial of Service? Tim (Sep 02)
- RE: New Microsoft Internet Explorer mshtml.dll Denial of Service? nonleft (Sep 02)
- RE: New Microsoft Internet Explorer mshtml.dll Denial of Service? Tiago Halm (Sep 02)
- RE: New Microsoft Internet Explorer mshtml.dll Denial of Service? Steve Wray (Sep 02)
- Message not available
- Message not available
- Re: About Gif's Karl-Heinz Kreis (Sep 03)
- Message not available
- RE: New Microsoft Internet Explorer mshtml.dll Denial of Service? Tiago Halm (Sep 02)